Re: can't block delete permissions
From: Eachus (Eachus_at_discussions.microsoft.com)
Date: 07/02/04
- Next message: Faisal: "SQL Server data security."
- Previous message: kjvt: "Re: Sync SQLServer Agent password with domain"
- In reply to: Hari: "Re: can't block delete permissions"
- Next in thread: Sue Hoegemeier: "Re: can't block delete permissions"
- Reply: Sue Hoegemeier: "Re: can't block delete permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 2 Jul 2004 09:07:02 -0700
Thanks for the suggestions. I tried this, and got the same result. It did have the effect of re-confirming that the deletions were being run under the permissions of the user in question, which was useful.
The goal here is to be able to block anybody, including programming team members, from being able to delete records in the production database's audit table.
Got any other suggestions where she might be getting delete permissions that override the explicit denial?
"Hari" wrote:
> Hi,
>
> Check the role associated for the user first by executing below command:-
>
> sp_helplogins <Login_name_for that _user'
>
> If you have any roles apart from db_datareader and db_datawriter revoke
> that.
>
> After this Execute the below command
>
> use <dbname>
> go
> deny delete on <table_name> to <user_name>
>
> After that login to query analyzer using that user and run the command:-
>
> select suser_sname()
>
> Now execute the delete statatement on that table.
>
>
- Next message: Faisal: "SQL Server data security."
- Previous message: kjvt: "Re: Sync SQLServer Agent password with domain"
- In reply to: Hari: "Re: can't block delete permissions"
- Next in thread: Sue Hoegemeier: "Re: can't block delete permissions"
- Reply: Sue Hoegemeier: "Re: can't block delete permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
